Phishing is an attempt to obtain sensitive or personal information such as usernames, passwords and credit card details by disguising itself as a trustworthy entity in an electronic communication. These can be classified as follows;
Phishing (Email) - An email sent out to millions of people globally with no common link.
Spear Phishing (Email) - These attacks are more targeted because attackers research the users or organisation to make the email more believeable (holiday destinations, sports team, pets etc).
Whaling (Email) - Not technically a fish but this type of attack is aimed at the "big fish" in a organisation...CEO's, COO's, CFO's, CIO's.
Vishing (Voice) - Cold calls trying to gain information from you by phone.
Smishing or SMiShing (SMS) - These send links via text message (like emails) to gain personal information.
Search Engine (www) - These use keywords in searches to direct usets to fake websites.
If you think you have a phishing email, here are some steps on what to do:
(If you are still working with a previous version of Microsoft Outlook with a simplified ribbon)
*If you do not have either of the options above, you can forward the message to report-phishing@qmul.ac.uk
If you think you have responded to an phishing email, here are some steps to protect your details: